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Server Security 


NetWare® provides many features and tools for protecting your server and 
network. For a general discussion of NetWare security features, see 
“Understanding” on page 9. 


Important security strategies include protecting the server console itself, 
protecting the network from viruses, and using an uninterruptible power 
supply. Specific security features of NetWare include NCP packet signature 
and the Transaction Tracking System™. For information about these topics, 
see “Managing” on page 17. 


The following topics are also important to maintaining a secure server: 


+ Contents > Disks and Storage Devices > Managing > Mirroring and 
Duplexing Partitions. 


+ Contents > Disks and Storage Devices > Managing > Managing 
Removable Media Devices > Locking and Unlocking a Removable 
Media Device. 


+ Contents > Security Services > Auditing the Network. 
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Understanding 


NetWare protects data by providing duplicate directory entry (DET) and file 
allocation tables (FAT) , by providing features such as packet signature and the 
Transaction Tracking System, and by enabling the use of an uninterrupted 
power supply (UPS). A general discussion of these features is provided in this 
section. 


NetWare also provides system fault tolerance by redirecting data from bad 
blocks to reliable blocks on the server’s hard disk, and by mirroring and 
duplexing partitions. For information about these features, see Contents > 
Disks and Storage Devices > Understanding > Redirecting Bad Blocks and 
Contents > Disks and Storage Devices > Managing > Mirroring and 
Duplexing. 


Understanding 9 


Duplicate File Directories 


In the traditional NetWare file system, a disk’s directory entry table (DET) and 
file allocation table (FAT) contain address information that tells the operating 
system where data can be stored or retrieved. If the blocks containing these 
tables are damaged, some or all of the data might be irretrievable. 


NetWare greatly reduces the possibility of losing this information by 
maintaining duplicate copies of the DET and FAT on separate areas of the hard 
disk. 


If one of the blocks in the original tables is damaged, the operating system 
switches to the duplicate tables to get the location data it needs. The faulty 
sector is then listed in the disk’s bad block table, and the data it contained is 
stored elsewhere on the disk. 


Every time the server is turned on, the operating system performs a 
consistency check on both sets of DETs and FATs to verify that the two copies 
are identical. If both sets don’t match, a warning is sent, and the network 
administrator should run VREPAIR. 


NCP Packet Signature 


NetWare includes a security feature called NCP packet signature that protects 
servers and clients using the NetWare Core Protocol™ (NCP) services. 


NCP packet signature prevents packet forgery by requiring the server and the 
client to sign each NCP packet. The packet signature changes with every 
packet. 


Without NCP packet signature installed, a user could pose as a more 
privileged user and send a forged NCP request to a NetWare server. By forging 
the proper NCP request packet, an intruder could gain the Supervisor object 
right and access to all network resources. 


NCP packets with incorrect signatures are discarded without breaking the 
client’s connection with the server. However, an alert message about the 
invalid packet is sent to the error log, the affected client, and the server 
console. The alert message contains the login name and the station address of 
the affected client. 


If NCP packet signature is installed on the server and all of its workstations, it 
is virtually impossible to forge a valid NCP packet. 
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For additional information about packet signature, see: 
+ “When to Use Packet Signature” on page 11 
+ “NCP Packet Signature Options” on page 11 
+ “Effective Packet Signature” on page 12 


+ “Recommended Signature Levels” on page 13 


To implement packet signature, see “Using NCP Packet Signature” on page 
22) 


When to Use Packet Signature 


NCP packet signature is recommended for security risks such as 
+ An untrustworthy user at a workstation on the network 
¢ Easy physical access to the network cabling system 


+ An unattended, publicly accessible workstation 


NCP packet signature is not necessary for every installation. You might 
choose not to use NCP packet signature if you can tolerate security risks in 
situations such as 


+ When only executable programs reside on the server 
+ You know and trust all network users 


+ Data on the NetWare server is not sensitive and loss or corruption of this 
data would not affect operations 


NCP Packet Signature Options 


Because the packet signature process consumes CPU resources and slows 
performance both for the client and the NetWare server, NCP packet signature 
is optional. 


Several signature options are available, ranging from never signing NCP 
packets to always signing NCP packets. NetWare servers and NetWare clients 
each have four settable signature levels. 


The signature options for servers and clients combine to determine the level 
of NCP packet signature on the network. 


You can choose the packet signature level that best meets both your system 
performance needs and network security requirements. 
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NOTE: Some combinations of server and client packet signature levels can slow 
performance. However, low-CPU-demand systems might not show any performance 
degradation. 


Effective Packet Signature 


The NCP packet signature levels for the server and the client interact to create 
the effective packet signature for the network. Some combinations of server 
and client levels do not allow logging in. 


The following figure shows the interactive relationship between the server 
packet signature levels and the client signature levels. 


Figure 1 Effective Packet Signature of Server and Client 


Server = 0 | Server = 1 | Server = 2 | Server = 3 


Client = 0 
Client = 1 
Client = 2 
Client = 3 























@ Packet signature 
O No packet signature 
© No logging in 
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Recommended Signature Levels 


The default NCP packet signature level is 1 for clients and 1 for servers. In 
general, this setting provides the most flexibility while still offering protection 
from forged packets. Following are some examples of situations requiring 
different signature levels. 





Situation 


Example 


Recommendation 





All information on the server is 
sensitive. 


Sensitive and nonsensitive 
information reside on the same 
server. 


Users often change locations and 
workstations. 


A workstation is publicly 
accessible. 





If an intruder gains access to any 
information on the NetWare 
server, it could damage the 
company. 


The NetWare server has a 
directory for executable programs 
and a separate directory for 
corporate finances (such as 
Accounts Receivable). 


You are uncertain which 
employees will be using which 
workstations, and the NetWare 
server contains some sensitive 
data. 


An unattended workstation is set 
up for public access to 
nonsensitive information, but 
another server on the network 
contains sensitive information. 


Set the server to level 3 and all 
clients to level 3 for maximum 
protection. 


Set the server to level 2 and the 
clients that need access to 
Accounts Receivable to level 3. 
All other clients remain at the 
default, level 1. 


Set the server to level 3. Clients 
remain at the default, level 1. 


Set the sensitive server to level 3 
and the unattended client to level 
0. 


For information on implementing NCP Packet Signature, see “Using NCP 
Packet Signature” on page 22. 
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Transaction Tracking System 


NetWare includes a transaction-monitoring feature called the Transaction 
Tracking System™ (TTS™). If you flag a file as transactional, TTS can 
prevent corruption of records in the file by backing out of incomplete 
transactions and keeping a record of backed-out data. 


NOTE: A file flagged as transactional cannot be deleted or renamed. 


TTS can also back out file truncations or extensions and multiple changes to 
the same data area during a single transaction. TTS can even back out 
interrupted backouts if the NetWare server fails in the middle of backing out 
transactions. 


By default, NetWare uses TTS to protect the NDS® database from corruption. 
But TTS can protect against these types of failures for any type of application 
that issues record-locking calls and stores information in records, including 
traditional databases, some electronic mail applications, and some workgroup 
appointment schedulers. 


Files that aren’t organized into discrete records (such as word processing files) 
aren’t protected by TTS. 


TTS is available only for the traditional NetWare file system. 


WARNING: By default, TTS is enabled. Do not disable TTS intentionally because this 
will prevent updates to the NDS replicas on the server. 


Transactions on a network can be saved improperly in any of the following 
situations: 


+ Power to a server or a workstation is interrupted during a transaction. 


¢ Server or workstation hardware fails during a transaction (for example, a 
parity error on a network board). 


+ A server or workstation hangs (a software failure) during a transaction. 


+ A network transmission component (such as a hub, a repeater, or a cable) 
fails during a transaction. 


If the server fails and the file has been flagged transactional, TTS backs out 
the transaction when the server comes up again. If a workstation or network 
transmission component fails, TTS backs out the transaction immediately. 


NDS transactions are always backed out by TTS; you do not need to flag the 
NDS database in any way. 
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How TTS Works 


TTS guarantees that all changes to a database file are either wholly completed 
or not made at all. TTS follows these steps to track transactions: 


1. 


When the application allocates a physical or logical record lock, TTS 
infers that the application is making a transaction. At this point, if you 
have flagged the file as transactional, TTS begins tracking the transaction 
so that the transaction can be backed out if a failure occurs. 


. TTS makes a copy of the original data so the data can be restored if the 


transaction fails. A copy of the data is placed in a file external to the 
database. This external file contains all transaction backout information; 
only the operating system uses it. 


. After the copy of the original data has been written to the backout file, 


TTS writes the changed data to the database file. 


. TTS repeats Steps 2 and 3 for additional changes (a single transaction can 


consist of a sequence of changes). 


. When all changed data has been written to disk, and the database 


application releases physical and logical record locks, TTS infers that the 
application has completed the transaction. TTS writes a record to the 
backout file, indicating that the transaction is complete, and stops 
tracking the transaction. 


To learn how to use TTS, see “Protecting Database Integrity with TTS” on 
page 29. 
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Uninterruptible Power Supply (UPS) 


An uninterruptible power supply (UPS) is a backup power unit that supplies 
uninterrupted power if a commercial power outage occurs. A UPS is an 
indispensable part of your network. Not only does it help prevent damage to 
your computers from power surges and brownouts, but it also prevents data 
loss during power outages. 


Both online and offline UPS systems are available: 


+ Online UPS . Actively modifies the power as it moves through the unit. 
If a power outage occurs, the unit is already active and continues to 
provide power. 


An online UPS is usually more expensive than an offline UPS, but 
provides a nearly constant source of energy during power outages. 


+ Offline UPS . Monitors the power line. When power drops, the UPS is 
activated. 


The drawback to this method is the slight lag before the offline UPS 
becomes active. However, most offline UPS systems are fast enough to 
offset this lag. 


Because UPS systems can be expensive, most companies attach them only to 
the most critical devices, such as NetWare servers, routers, and hard disk 
subsystems. 


Attaching a UPS to a server enables the server to properly close files and 
rewrite the system directory to disk. 


Unfortunately, most programs run on the workstation and data stored in RAM 
is not saved during a power outage unless each station has its own UPS. 


If the UPS doesn’t have its own form of surge protection, install a surge 
protector to protect the UPS. 


For instructions for using UPS with a serial port, see “Using UPS with a Serial 
Port” on page 25. 
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Managing 


Two important general security strategies include protecting the server 
console itself and protecting the network from viruses. See “Securing the 
Server Console” on page 18 and “Preventing Virus Infection” on page 21. 


To use specific security features of NetWare, see “Using NCP Packet 
Signature” on page 22, “Using UPS with a Serial Port” on page 25, and 
“Protecting Database Integrity with TTS” on page 29. 


For information on auditing the use of the network, see Contents > Security 
Services > Auditing the Network. 
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Securing the Server Console 


The first principle of server console security is physical security. If you don’t 
provide physical security, nothing else you do matters very much. 


The processing unit should be locked in a place where no one can remove it 
or reboot it. Some network administrators remove both the keyboard and the 
monitor and manage the server remotely by using the Remote Management 
Facility (RCONSOLE and REMOTE). We suggest that you also consider 
using a power-on password whether you manage at the console or use 
RCONSOLE at a workstation. 


Two utilities provide additional security at the console: 


+ The SECURE CONSOLE command (Reference > Utilities Reference > 
Utilities > SECURE CONSOLE). 


+ The screen saver console-lock feature (Reference > Utilities Reference > 
Utilities > SCRSAVER ) 


Procedures for using the utilities follow: 
+ “When to Use SECURE CONSOLE” on page 18 
+ “Using the SECURE CONSOLE Command” on page 19 
+ “Using SCRSAVER to Lock the Server Console” on page 19 


+ “Unlocking the Server Console” on page 20 


When to Use SECURE CONSOLE 
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When you have provided physical security for your server, you should secure 
the console. The SECURE CONSOLE utility provides the following security 
features, while still allowing administrators to use the console: 


¢ Prevents NetWare Loadable Module™ programs from being loaded from 
any directory other than sys:system or c:\nwserver. This means that no 
one can load an invasive NLM™ from a server’s diskette drive or boot 
partition unless it is already in a search path. 


¢ Prevents keyboard entry into the operating system debugger. This 
restricts the ability to alter the operating system. 


¢ Prevents anyone from changing the date and time. Some security and 
accounting features depend on date and time for their enforcement. 
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Keep in mind that when you issue SECURE CONSOLE, the server must be 

taken down and rebooted to un-secure the console. (Now that server parameter 
settings are persistent in NetWare 5, you can down the server without losing 

the settings you made to optimize and tune your server.) For more information, 
see Reference > Utilities Reference > Utilities > SECURE CONSOLE. 


When you use SECURE CONSOLE with the Remote Management Facility, 
access via RCONSOLE is subject to the protections provided by SECURE 
CONSOLE. 


SECURE CONSOLE does not lock the server console. You can lock the 
console by using SCRSAVER. If the console is locked using the console- 
locking feature, an intruder can still access the console from a remote 
workstation; however, the intruder must still be authenticated to N Ds® 
through the SCRSAVER console lock. 


HINT: To protect the server console by encrypting the RCONSOLE password in the 
autoexec.ncf file, see Remote Server Management > Managing > Using DOS-Based 
Remote Console > Loading Remote Modules on Bootup. To restrict remote 
connections, see Reference > Utilities Reference > Utilities > REMOTE. 


Using the SECURE CONSOLE Command 


To secure the server console, enter at the server console prompt: 


SECURE CONSOLE 


To secure the server console whenever the server is booted, add the SECURE 
CONSOLE command to the server’s autoexec.ncf file. If the autoexec.ncf file 
loads modules from any directory other than sys:system or c:\nwserver, then 
in the .ncf file the SECURE CONSOLE command must follow the LOAD 
commands for these modules. 


IMPORTANT: To remove SECURE CONSOLE, you must first down the NetWare 
server and reboot it. If the SECURE CONSOLE command is in the autoexec.ncf file, use 
EDIT or any text editor to remove it before you down the server and reboot. 


Using SCRSAVER to Lock the Server Console 


The console-locking feature has been removed from MONITOR and included 
with the screen saver in its own module, scrsaver.nlm. 


When the screen saver is activated, it displays a moving snake for each 
processor on the server. Each snake is a different color: the first one is red; the 
second is blue, etc. The speed of each snake and the length of its tail are 
directly proportional to the processor’s utilization. 
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The console-locking feature allows you to require a password before gaining 
access to the server console prompt. If a key is pressed when the console lock 
is enabled, a dialog box appears. You must then supply an NDS username and 
password. In addition, the User object must have Write rights to the access 
control list (ACL) of the Server object to gain access to the server console 
prompt . 


If the console is unlocked, press any key to activate the console. The snake 


screen will disappear. 


1 To display command options for SCRSAVER, enter at the server console 
prompt 
SCRSAVER HELP 
Command options allow you to enable and disable locking, check the 
status of the lock options, and change the length of time the console is 


allowed to be inactive before the screen saver is activated. The default is 
600 seconds (10 minutes). 


2 For more information about a command option, enter at the console 
prompt 


SCRSAVER HELP command_option 
3 To load the SCRSAVER module, enter at the server console prompt 
SCRSAVER [option; option...] 


When you load the screen saver, the default is to enable the console- 
locking feature and to require a password for access. The corresponding 
NDS user must have Write rights to the Access Control List (ACL) of the 
Server object. 


For more information, see Reference > Utilities Reference > Utilities > 
SCRSAVER in Utilities Reference. 


Unlocking the Server Console 
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The console-locking feature has been removed from MONITOR and included 
with the screen saver in its own module, scrsaver.nlm. 


1 From the screen saver snake display, press any key. 
2 At the login box, press Enter to highlight the username field. 


The login box appears only if the console is locked. 
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3 Enter the username. 


The User object must have Write rights to the ACL for the Server object. 


If the username field is blank or if you want to change the username, type 
in an NDS™ username and context. Again the User object must have the 
required rights. 


4 Press Enter again to highlight the password field. 


5 Type the password for the username and press Enter twice. 


The screen saver disappears and the server console screen appears. 


Preventing Virus Infection 


Keep viruses off the network by educating users about virus dangers and by 
enforcing procedures that reduce virus risks, such as the following: 


+ 


+ 


Back up data frequently. 


Maintain layers of archived backups so you can retrieve a backup from a 
preinfected file. 


Keep a write-protected, bootable diskette with the latest virus scan and 
removal software for all servers and workstations. 


Keep a backup of executable files and flag them Execute Only. 
Educate yourself about the infection techniques of the latest viruses. 
Educate network users about how to detect viruses. 


Warn users of the dangers of viruses. Discourage them from using 
diskettes and files that have been in computers away from work. 


Teach users to power down their workstations immediately upon 
encountering a virus. 


Restrict access to a server’s diskette drives by locking the server in a 
secure room. Put tape over the drive openings to remind you not to use 
them unnecessarily. 


Avoid using the Admin account when possible. The fewer privileges your 
login account has, the less power a virus has to destroy data and to spread. 
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Using NCP Packet Signature 


NetWare includes a security feature called NCP Packet Signature that protects 
servers and clients using the NetWare Core Protocol™ (NCP) services. For 
general information about NCP Packet Signature, see “NCP Packet 
Signature” on page 10. 


Instructions for using NCP Packet Signature follow: 
¢ “Server Signature Levels” on page 22 
¢ “Client Signature Levels” on page 23 


+ “Packet Signature and Job Servers” on page 24 


Server Signature Levels 
+ To determine the server’s current signature level, enter 
SET NCP Packet Signature Option 
+ To set a server’s packet signature level, enter 
SET NCP Packet Signature Option = number 


Replace number with 0, 1, 2, or 3. The default is 1 





Number Explanation 

0 Server does not sign packets (regardless of the client level). 

1 Server signs packets only if the client requests it (client level is 2 or higher). 

2 Server signs packets if the client is capable of signing (client level is 1 or higher). 
3 Server signs packets and requires all clients to sign packets or logging in will fail. 





You can use the SET console command to change the signature level from a 
lower to a higher level. 


You cannot change from a higher to a lower level unless you first reboot the 
server. For example, if the current signature level is 2, you can’t set the 
signature level to 1 by using the SET command at the console. To change the 
signature level from 2 to 1, you must add the SET command to the startup.ncf 
file and then restart the server: 


SET NCP Packet Signature Option = 1 
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You can add this SET command to your startup.ncf file to set the signature 
level each time the server is brought up. 


Client Signature Levels 


Set client signature levels to 0, 1, 2, or 3. The default is 1. Increasing the value 
increases security, but decreases performance. 





Number Explanation 

0 Disabled. Client does not sign packets. 

1 Enabled, but not preferred. Client signs packets only if the server requests it (server level 
is 2 or higher). 

2 Preferred. Client signs packets if the server is capable of signing (server level is 1 or 
higher). 

3 Required. Client signs packets and requires the server to sign packets or logging in will 


fail. 


+ To set DOS or MS Windows client signature levels, add the parameter to 
the workstation net.cfg file, as follows: 


signature level = number 


¢ To set the Windows 95 or Windows NT client signature level for an 
individual workstation, change the parameter setting with the Advanced 
Settings tab of Novell NetWare Client Properties, as follows: 


From the system tray, right-click N 

Click Novell Client Properties 

Click Advanced Settings, then select Signature Level from the scrollable 
list 

You can set the signature level for multiple clients at once by adding the 


signature level to the configuration file when you install the clients. 


For information about configuring Windows 95 clients, see Clients > 
Novell Client for Windows 95 > Planning > Configuring Before Installing. 


For information about configuring Windows NT clients, see Clients > 
Novell Client for Windows NT > Setting Up > Preparing to Install; then 
click on the link to Unattended Install of Novell Client. 
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You can also refer to the Novell Client Install Manager (NCIMAN) online 
help for more information. You will find NCIMAN for Windows 95 on 
the NetWare client CD at Products \ibm_enu\admin. You will find 
NCIMAN for Windows NT on the NetWare client CD at Products 
\winnt\i386\nls\english\admin. 


Changing the Signature Level for an NLM 


NLM programs that use the Novell Runtime Libraries are assigned a default 
NCP Packet Signature level that corresponds to the current signature level of 
the server. 


To change the packet signature level for a single NLM, use the following 
command syntax when you load the NLM: 


[LOAD] NLM [CLIB OPT]/L number 


Replace number with 0, 1, 2, or 3. 


Packet Signature and Job Servers 


A job server is a server that performs a task and then returns the completed 
task. Most job servers are third-party products. 


You should be aware that some job servers do not support NCP Packet 
Signature. A job server might produce unsigned sessions if 


+ It does not operate on top of DOS 
+ It does not use standard Novell clients 
+ Itis not an NLM 


+ It uses its own implementation of the NCP engine (such as embedded 
print servers in printers) 


Minimizing Risks 


24 


To minimize security risks associated with job servers: 
¢ Install queues only on servers with signature level 3. 


+ Do not allow privileged users to put jobs in queues on servers with 
signature levels below 3. 


¢ Make sure the job server’s account is unprivileged. 


¢ Disable the job server’s ability to change to client rights. 
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Disabling Change to Client Rights 


To prevent a job server from assuming the rights of a client, add the following 
SET command to the server’s startup.ncf file: 


SET Allow Change to Client Rights = OFF 


The default is ON, because certain job servers and third-party applications 
cannot function without changing to client rights. Refer to the documentation 
that comes with the job server to determine whether the job server can 
function without client rights. 


Using UPS with a Serial Port 


Parameter 


Table 1 


For general information about Uninterruptible Power Supplies, see 
“Uninterruptible Power Supply (UPS)” on page 16. 


Use ups_aio.nlm when you use a serial port to monitor an uninterruptible 
power supply. 


The UPS_AIO module for the serial port does not allow you to change 
parameter settings after loading the module. You must specify the parameter 
settings you need when you load the module. If you want to change the 
settings, reload the module with the new parameter values. 


To display a help screen that explains the parameters, enter the following 
command: 


UPS AIO ? 


The UPS_AIO command with the ? parameter displays a help screen, but does 
not load the UPS_AIO module. 


You do not need to enter any parameters if the default values are acceptable. 
Before loading UPS AIO. review the following table to determine the 
parameters you might want to enter. 


Parameter values for UPS AIO 


Use to 





path 


Specify the path to UPS_AIO only if you moved it 
from the default directory (sys:system) and if there 
is no server search path to the directory where the 
file is located. 
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Parameter 


Use to 





DOWNTIME=number 


MSGDELAY=number 


MSGINTERVAL=number 


DRIVERTYPE=number 


Specify the amount of time to run on battery before 
system shutdown. If power is restored before this 
time elapses, no shutdown will occur. If a low 
battery condition occurs before this time elapses, 
an immediate shutdown will occur. 


Supported values: 30 seconds minimum, no 
practical maximum limit 
Default: 300 seconds 


Specify the elapsed time before a broadcast 
message is sent to all clients logged into the server. 


Supported values: 0 seconds minimum, no 
practical maximum limit 
Default: 5 seconds 


The broadcast message states the time remaining 
until shutdown. 


Specify the time interval between broadcast 
messages sent to users. The message is repeated 
at this interval. 


Supported values: 20 seconds minimum, no 
practical maximum limit 
Default: 30 seconds 


The broadcast message states the time remaining 
until shutdown. 


Specify the AlO device driver type. 


Supported values: 1, 2, 3 
Default: 1 


The default value of 1 represents the AAOCOMX 
driver, which is included with NetWare. Other 
drivers might be represented by other numbers. 
Refer to the documentation that came with the 
driver. 
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Parameter 


Use to 





BOARD=number 


PORT=number 


SIGNAL_HIGH 


Specify the AlO board number. 


Supported values: Determined by the driver 
manufacturer 
Default: 0 


To determine the board number, read the driver 
information when the AIOCOMxX driver is loaded. 
The information includes both the board and port 
numbers. 


If you do not use the AIOCOMX driver, refer to the 
driver documentation to determine the board 
number. 


Specify the port number. 


Supported values: Determined by the driver 
manufacturer 
Default: 0 


To determine the port number, read the driver 
information when the AIOCOMX driver is loaded. 
The information includes both the port and board 
numbers. 


If you do not use the AIOCOMX driver, refer to the 
driver documentation to determine the port number. 


Set the normal RS-232 signaling state to high. 


Supported values: SIGNAL_HIGH or no value 
Default: none 


Use this parameter only if your UPS system uses 
high values, instead of low values, to determine if 
power is off or the battery is low. Most UPS systems 
use low values. Refer to your UPS hardware 
documentation to determine whether you need to 
use the parameter. 


Display a help screen that explains the other 
parameters. When you use this parameter, the 
UPS_AIO module is not loaded. To load the 
module, execute LOAD UPS_AIO without the ? 
parameter. 
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Prerequisites 
Q) A serial port must be available. 


U The UPS AIO module requires an AIO device driver, such as 
AIOCOMX, which is included with NetWare. 





Q) You should know which parameters, if any, you want to specify when you 
load the UPS AIO module. See Table 1 on page 25. 


Procedure 
1 To load the AIOCOMX driver, enter 


[LOAD] [ path] \AIOCOMX 


You can use another AIO driver, if specified by your hardware 
manufacturer. 


When you load AIOCOMX, the screen displays the board and port 
numbers. If either the board or port number is not 0, note the number. You 
will enter the number as a parameter in the next step. 


2 To load the UPS AIO module, enter 
[LOAD] [ path]UPS AIO [ parameter= value...] 


If you do not enter a parameter, the default value for that parameter takes 
effect. For a description of parameters and their values, see Table 1 on 
page 25. 


For example: 
[LOAD] UPS AIO DOWNTIME=60 


Once UPS_AIO is loaded, the UPS screen displays the current status and 
activity of the module. These messages are also logged to the system error 
log, sys$log.err, in the sys:system directory. 


3 (Optional) To toggle from the status screen to other screens, press Alt + 
Esc. 


To load the driver and the UPS_AIO module automatically whenever you start 
the server, enter the commands into the autoexec.ncf file. You can use 
NWCOMFIG or EDIT to add the commands to the file. 
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Protecting Database Integrity with TTS 





To... 


The Transaction Tracking System (TTS) can prevent data corruption by 
backing out of incomplete transactions and keeping a record of backed-out 
data. TTS is available only for the traditional NetWare file system. 


WARNING: By default, TTS is enabled. Do not disable TTS intentionally because this 
will prevent updates to the NDS replicas on the server. 


The NetWare server automatically disables TTS if one of the following 
happens: 


+ The Sys volume becomes full. (The Sys volume is the TTS backout 
volume.) 


+ The NetWare server has insufficient memory to operate TTS. 


If TTS has been disabled and you have solved the problems that led to its 
disabling, use the ENABLE TTS command to enable TTS again. Enter the 
following at the server console prompt: 


ENABLE TTS 


To enable and manage transaction tracking for individual files, use the 
commands and parameters in the following table. 


Do the following ... 


Enable transaction tracking for a file. Use NWADMIN to flag the file as transactional. 


(Note that files flagged as transactional cannot be 
deleted or renamed.) 


See Reference > Utilities Reference > Utilities > 
NetWare Administrator. 
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To... Do the following... 





Enable TTS to backout transactions without Place the following command into the startup.ncf 
displaying confirmation prompts. file and restart the server: 


SET AUTO TTS BACKOUT FLAG = ON 


If this parameter is set to On, the backouts happen 
automatically. The parameter is set to ON by 
default. 


If this parameter is set to Off, you will be prompted 
to confirm file backouts. 


You can also set the parameter with MONITOR 
Available Options > Server Parameters > 
Transaction Tracking. 


Log backed out data to the sys:tts$log.err file. Execute the following command at the server 
console prompt: 


SET TTS ABORT DUMP FLAG = ON 


If this parameter is set to ON, the transactions are 
stored in sys:tts$log.err. 


If this parameter is set to Off, the transactions are 
backed out, but the server does not provide you 
with a record of the backouts. 


You can also set the parameter with MONITOR 
Available Options > Server Parameters > 
Transaction Tracking. 
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